Skip to main content

Converged Security And Manageability Engine

8 CVEs product

Monthly

CVE-2022-26047 MEDIUM This Month

Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service Killer Wifi Software Proset Wireless Wifi Uefi Wifi Driver +339
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-8761 MEDIUM This Month

Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security And Manageability Engine
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-8756 MEDIUM This Month

Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security And Manageability Engine
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8751 MEDIUM This Month

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security And Manageability Engine Trusted Execution Technology
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2020-8745 MEDIUM PATCH This Month

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Intel Converged Security And Manageability Engine Trusted Execution Technology Simatic Drive Controller Firmware +19
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2020-8705 MEDIUM This Month

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security And Manageability Engine Trusted Execution Technology Server Platform Services
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2020-12303 HIGH This Week

Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Intel Memory Corruption Converged Security And Manageability Engine +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-12297 HIGH This Week

Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Microsoft Converged Security And Manageability Engine Trusted Execution Technology
NVD
CVSS 3.1
7.8
EPSS
0.4%
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service Killer Wifi Software +341
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security And Manageability Engine
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security And Manageability Engine
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security And Manageability Engine +1
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Intel Converged Security And Manageability Engine +21
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security And Manageability Engine +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Intel +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Microsoft +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy